Ubiquiti $4bn VPN Breach Scandal Exposed | efani Partner TheNFG.com

You should use a VPN that provides a “kill switch” Using a VPN without a kill switch is a bad idea.

Recently, a brief VPN outage led to the arrest of a former Ubiquiti developer. This developer, Nickolas Sharp, has reportedly been charged with stealing data and trying to extort his employer Ubiquiti while pretending to be a whistleblower at the same time.

According to the indictment, after securing a job at another company, Sharp allegedly used his still functional privileged access to Ubiquiti’s systems at Amazon’s AWS cloud service to download large amounts of proprietary data.

During the holidays we are seeing more and more attacks but we do not expect those to come from within. To cover his tracks, Sharp had used a VPN connection to mask his real IP address. He then sent a ransom note to Ubiquiti using the same cover, demanding 25 bitcoin in exchange for a promise not to share the data.

January 2021 the Internet of Things (IoT) specialist Ubiquiti disclosed a network breach. The scope of which of the breach was questioned by an anonymous whistleblower a couple of months later. However, according to KrebsOnSecurity, it has now emerged that both incidents were the handiwork of the same individual, Nickolas Sharp, a senior developer at Ubiquiti, who has been charged for the crimes.

Here are some of the biggest risks of using a VPN without a kill switch: It leaves you vulnerable if your VPN connection drops, meaning that your ISP (and thus the government in some cases) can see what you’re up to online or access your IP address until your VPN is back up and running. Using free Wi-Fi can be dangerous, as it’s often not secure. You have to connect to the VPN, then manually disable the kill switch, then disconnect from the VPN. Only then can you browse the web without a VPN. We don’t recommend browsing unprotected.

The most dangerous part? Without the proper precautions, the user may not even know if or when that happened. To counteract this issue, several VPN services offer the “kill switch” feature. In essence, a kill switch cuts your connection to the internet altogether when your VPN connection fails.

Data breach New Mexico Healthcare Impacts 62,000 | efani SAFE?

The personally identifiable information of more than 62,000 US citizens may have been compromised following a cyber-attack against a New Mexico-based healthcare insurer.

True Health New Mexico offers a range of health insurance services to small and large employers across the southwestern US state.

In a recent security alert, the company said an authorized third party gained access to the organization’s IT systems in early October.

“Security professionals determined that impacted files may have contained information about current and former True Health New Mexico members, select providers, and some former members of New Mexico Health Connections,” reads the breach notification.

Affected data may have included policyholders’ names, dates of birth, home address, email address, insurance information, medical information, and Social Security numbers.

An entry on the HIPAA Breach Portal indicates that more than 62,000 New Mexico residents are being alerted to the incident.

 

Keywords: Healthcare, Data Breach, Data Leak, Network Security, Database Security, Cyber-attacks, Cybercrime, Hacking News, Privacy, US, North America, HIPAA, Organizations, Compliance